Enabled scraping etcd

This commit is contained in:
Stefan Reimer 2020-09-02 15:05:57 +01:00
parent dbf4148f31
commit b8dcdc89d3
3 changed files with 32 additions and 4 deletions

View File

@ -2,7 +2,7 @@ apiVersion: v2
name: kubezero-metrics name: kubezero-metrics
description: KubeZero Umbrella Chart for prometheus-operator description: KubeZero Umbrella Chart for prometheus-operator
type: application type: application
version: 0.1.3 version: 0.1.4
home: https://kubezero.com home: https://kubezero.com
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
keywords: keywords:
@ -16,7 +16,7 @@ dependencies:
version: ">= 0.1.3" version: ">= 0.1.3"
repository: https://zero-down-time.github.io/kubezero/ repository: https://zero-down-time.github.io/kubezero/
- name: prometheus-operator - name: prometheus-operator
version: 9.3.0 version: 9.3.1
repository: https://kubernetes-charts.storage.googleapis.com/ repository: https://kubernetes-charts.storage.googleapis.com/
- name: prometheus-adapter - name: prometheus-adapter
version: 2.5.0 version: 2.5.0

View File

@ -27,9 +27,11 @@ prometheus-operator:
kubeProxy: kubeProxy:
enabled: true enabled: true
# Disabled until we figure out how to scrape etcd with ssl client certs
kubeEtcd: kubeEtcd:
enabled: false enabled: true
service:
port: 2381
targetPort: 2381
kubeControllerManager: kubeControllerManager:
enabled: true enabled: true

26
docs/misc.md Normal file
View File

@ -0,0 +1,26 @@
## Security - Todo
- https://github.com/freach/kubernetes-security-best-practice
- https://github.com/aquasecurity/kube-bench
- https://kubernetes.io/docs/tasks/debug-application-cluster/audit/
- https://kubernetes.io/docs/tasks/debug-application-cluster/falco/
## Performance - Todo
- https://kubernetes.io/docs/tasks/administer-cluster/limit-storage-consumption/
- Set priorityclasses and proper CPU/MEM limits for core pods like api-server etc. as we host additional services on the master nodes which might affect these critical systems
see: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
## Storage - Todo
- OpenSource S3 - https://min.io/
- LinStore - DRDB for K8s - https://vitobotta.com/2020/01/04/linstor-storage-the-kubernetes-way/, https://github.com/kvaps/kube-linstor, https://github.com/piraeusdatastore/piraeus
- ChubaoFS - CephFS competitor
# Monitoring
- https://github.com/cloudworkz/kube-eagle
## Cleanup - Todo
Something along the lines of https://github.com/onfido/k8s-cleanup which doesnt work as is
## Resources
- https://docs.google.com/spreadsheets/d/1WPHt0gsb7adVzY3eviMK2W8LejV0I5m_Zpc8tMzl_2w/edit#gid=0
- https://github.com/ishantanu/awesome-kubectl-plugins